Critical severity9.8NVD Advisory· Published Aug 1, 2016· Updated Jun 17, 2026
CVE-2016-4373
CVE-2016-4373
Description
The AdminUI in HPE Operations Manager (OM) before 9.21.130 on Linux, Unix, and Solaris allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
Affected products
7cpe:2.3:a:hp:operations_manager:9.20.0:*:*:*:linux:*:*:*+ 5 more
- cpe:2.3:a:hp:operations_manager:9.20.0:*:*:*:linux:*:*:*
- cpe:2.3:a:hp:operations_manager:9.20.0:*:*:*:solaris:*:*:*
- cpe:2.3:a:hp:operations_manager:9.20.0:*:*:*:unix:*:*:*
- cpe:2.3:a:hp:operations_manager:*:*:*:*:*:linux:*:*range: <=9.21.120
- cpe:2.3:a:hp:operations_manager:*:*:*:*:*:solaris:*:*range: <=9.21.120
- cpe:2.3:a:hp:operations_manager:*:*:*:*:*:unix:*:*range: <=9.21.120
- Range: <9.21.130
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.